Semi-supervised approach for detecting distributed denial of service in SD-honeypot network environment

Sumadi, Fauzi Dwi Setiawan and Aditya, Christian Sri Kusuma and Maulana, Ahmad Akbar and Syaifuddin, Syaifuddin and Suryani, Vera (2022) Semi-supervised approach for detecting distributed denial of service in SD-honeypot network environment. IAES International Journal of Artificial Intelligence (IJ-AI), 11 (3). pp. 1094-1100. ISSN 2089-4872 / 2252-8938

[thumbnail of Sumadi Aditya Maulana Syaifuddin Suryani - Cyber security Distributed denial of service Honeypot Software defined n.pdf]
Preview
Text
Sumadi Aditya Maulana Syaifuddin Suryani - Cyber security Distributed denial of service Honeypot Software defined n.pdf

Download (373kB) | Preview
[thumbnail of Similarity - Sumadi Aditya Maulana Syaifuddin Suryani - Cyber security Distributed denial of service Honeypot Software defi.pdf]
Preview
Text
Similarity - Sumadi Aditya Maulana Syaifuddin Suryani - Cyber security Distributed denial of service Honeypot Software defi.pdf

Download (2MB) | Preview

Abstract

Distributed Denial of Service (DDoS) attacks is the most common type ofcyber-attack. Therefore, an appropriate mechanism is needed to overcomethose problems. This paper proposed an integration method between thehoneypot sensor and software defined network (SDN) (SD-honeypotnetwork). In terms of the attack detection process, the honeypot serverutilized the Semi-supervised learning method in the attack classificationprocess by combining the Pseudo-labelling model (support vector machine(SVM) algorithm) and the subsequent classification with the AdaptiveBoosting method. The dataset used in this paper is monitoring data taken bythe Suricata sensor. The research experiment was conducted by examiningseveral variables, namely the accuracy, precision, and recall pointed at 99%,66%, and 66%, respectively. The central processing unit (CPU) usage duringclassification was relatively small, which was around 14%. The average timeof flow rule mitigation installation was 40s. In addition, thepacket/prediction loss occurred during the attack, which caused severalpackets in the attack not to be classified was pointed at 43%.

Item Type: Article
Keywords: Cyber security; Distributed denial of service; Honeypot; Software; defined network; Semi-supervised
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Engineering > Department of Informatics (55201)
Depositing User: christianskaditya Christian Sri Kusuma Aditya, S.Kom., M.Kom
Date Deposited: 22 Apr 2024 04:50
Last Modified: 22 Apr 2024 04:50
URI: https://eprints.umm.ac.id/id/eprint/5642

Actions (login required)

View Item
View Item